LinkPatrol

I’ve been asked a few times and seen an array of tweets about people having issues with comment spam on their WordPress blogs, even when they’re using tools such as Akismet to try (mostly fruitlessly) to prevent spammers from getting their comment through to the blog or even just the Pending queue.

My blog literally has literally had 0 spam comments, ever. That’s not including manually created comments done by people to try and break past my relentless commentluv barrier but I’m very picky when it comes to allowing comments through onto my blog, I loose a good chunk of around 25% of my comments each day due to me disliking the tone etc… (Apologies in advanced for anybodies who doesn’t get accepted).

The one spam comment that is currently sitting in my qeue though, isn’t even a spam comment:

The Plugins Setup -

I have a few different plugins I use and I suggest having all 3 enabled and configured correctly for optimal spam stoppage!

Akismet is just an identifier, it’ll look for specific comments that tick the criteria of a spam comment and push them into the comment box. This is our almost last layer of protection vs spam comments compared to the other plugins we’ll be using.

Growmap is made by the same guys who make CommentLuv, which surprisingly enough I also have on my blog. It’s the “Confirm you’re not a spammer” box you might say plastered around various blogs. This is meant to stop software like ScrapeBox and No Hands SEO from being able to submit comments to your box and tends to work very effectively, especially vs the likes of timeout scripts.

AVH is a plugin that not many know about and hardly any use. It’s created by the guy behind the Stop Forum Spam plugin so is mainly used on Forums and not on blog comment spam blacklists. This pulls in data from all over the place so people who have been spamming from 100s of different proxies won’t be able to even access the comments of your blog and when they try to post will be immediately blocked.

If any comments do get through, you always have the option to report for spam and add it to the blacklist on the SFS database, which means you’re helping the rest of the community using this plugin and making the internet less spammy in general.

This means you’ll be improving the community behind SFS, banning someone from your website from ever commenting again and saving the net from spam, 1 little IP at a time!

OnPage Tips/Tricks -

These aren’t the quick and easy install a plugin type tricks and some I don’t recommend if you don’t know your way around the technical sides of CMSs, otherwise get a friend who does and get them to do it for you!

Modify your .htaccess

This is super easy and really helps make your site more secure from both spam and hackers crawling bots.

Prevent Comment Spammers with .htaccess

Just add this to your .htaccess file and replace the “youurl” with your blogs URL (e.g. godofseo.co)

This is simple and you can just add new IPs or even IP ranges to the list –

# block ip
order allow,deny
deny from XXX.XXX.XX.XXX
deny from XXX.XX.XXX.XX
deny from XXX.XX.X.XX
allow from all

This’ll disallow any of those IP addresses from visiting your site.

Well it Works -

I use these 3 plugins across all of my blogs and they genuinely work really nicely, along with the extra tricks, your blog will be protected easily.

Try it for yourself and post your results in the comments section below, and if you have any tips or plugins you use, don’t forget to share them below and we can slowly eradicate the annoyance of spam as dedicated blog owners.

Charles Floate is an SEO Engineer at WoW Internet and the writer of God of SEO, an Internet & Search Marketing blog specializing in Link Building. Charles has over 5 years experience in the SEO Industry.

10 thoughts on “How to Stop Spam Comments for GOOD!”

a couple of points. your God of SEO site has people using your commenting system to post links back to their site in quite an obvious way. Also, you do a heck of a lot of blog spam, i.e. your ranking for rand case study, you apologised to all those blogs you spammed.

Hi Charles,Have you tried the new commentLuv Antibacklink plugin?Looks like that works with a bunch of options to kick out unwanted comments . That’s the only one I have now and I’m almost 100% comfortable with it

This article is really informative for blocking spam. In the wordpress , the last part is informative as spammers ignore all plugins (infact they say hi hi to those plugins) and goes to directly the page wp-comments-post.php.Or I think so. I have tried lot of plugins to stop spam, but there was no use as the spam was keep on coming. Onetime they injected 35k comments to slow down the website.Finally I removed the file “wp-comments-post.php” and the spam stopped.I reinstalled the file after adding the following code at top of wp-comments-post.php. After wards upto now there is no spam problem for me. Who knows how many months it will work??

What it does, It just check who is the referrer, and if the referrer is not your domain, it exit the page with a message. You can cut and past this in your browser and you will see that the script is workinghttp://snydle.com/wp-comments-post.php

I still could not understand why wordpress folks not implemented something like this?? May be they are more interested in selling Akismet.I am posting this here hoping that some php expert will look to this and post a reply, as I am not expert in PHP scripts

I appreciate your post… good timing. We’ve always used Askimet to filter spam, but on some of the sites we maintain something more robust is required. I have downloaded the other two and we shall give that a go.

The php code I have added on the post did not show up in the commend. I think the server deleted it since it has seen < ? php. So I have again posted it. Can you please append it with older comment or approve it?

Great post Charles. Particularly liked the comment by Sajith regarding the hack involving wp-comments-post and htaccess, that is well done.

Also would like to point out I am seeing an increasing amount of spammers using registered and verified Gravatar accounts to post spam. By using a registered Gravatar account with photo, it makes it more “approve worthy” to webmasters scanning the queue for legit posts.

I see SEJ also uses the Grownmap anti-spam plugin. Great plugin, but doesn’t work as good as it used to. I particularly saw an increase after WP 3.6 for some reason. Either way I used to get about 1000 spam comments a day now I am down to a dozen which is perfectly acceptable to me.